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Abstract 

We give new proofs of soundness (all representable functions on base types lies in certain 
complexity classes) for Elementary Affine Logic, LFPL (a language for polytime computation 
close to realistic functional programming introduced by one of us), Light Affine Logic and 
Soft Affine Logic. The proofs are based on a common semantical framework which is merely 
instantiated in four different ways. The framework consists of an innovative modification of 
realizability which allows us to use resource-bounded computations as realisers as opposed to 
including all Turing computable functions as is usually the case in realizability constructions. 
For example, all realisers in the model for LFPL are polynomially bounded computations 
whence soundness holds by construction of the model. The work then lies in being able to 
interpret all the required constructs in the model. While being the first entirely semantical 
proof of polytime soundness for light logics, our proof also provides a notable simplification 
of the original already semantical proof of polytime soundness for LFPL. A new result made 
possible by the semantic framework is the addition of polymorphism and a modality to LFPL 
thus allowing for an internal definition of inductive datatypes. 

1 Introduction 

In recent years, a large number of characterizations of complexity classes based on logics and 
lambda calculi have appeared. At least three different principles have been exploited, namely lin- 
ear types [31121, restricted modalities in the context of linear logic O^El an d non-size-increasing 
computation [8]. Although related one to the other, these systems have been studied with differ- 
ent, often unrelated methodologies and few results are known about relative intentional expressive 
power. We believe that this area of implicit computational complexity needs unifying frameworks 
for the analysis of quantitative properties of computation. This would help to improve the under- 
standing on existing systems. More importantly, unifying frameworks can be used themselves as 
a foundation for controlling the use of resources inside programming languages. 

In this paper, we introduce a new semantical framework which consists of an innovative mod- 
ification of realizability. The main idea underlying our proposal lies in considering bounded-time 
algorithms as realizers instead of taking plain Turing Machines as is usually the case in realiz- 
ability constructions. Bounds are expressed abstractly as elements of a monoid. We can define 
a model for a given (logical or type) system by choosing a monoid flexible enough to justify all 
the constructs in the system. The model can then be used to study the class of representable 
functions. 

This allows us to give new proofs of soundness (all representable functions on base types lies 
in certain complexity classes) for Light Affine Logic (LAL, PP), Elementary Affine Logic (EAL, 
5 ), LFPL 8 and Soft Affine Logic (SAL, [2]). While being the first entirely semantical proof of 
polytime soundness for light logics, our proof also provides a notable simplification of the original 
already semantical proof of polytime soundness for LFPL 8 . A new result made possible by the 
semantic framework is the addition of polymorphism and a modality to LFPL. 

The rest of the paper is organized as follows. In Section|21we describe an abstract computational 
model that will be used in the rest of the paper. In Section[2]we introduce length spaces and show 
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they can be used to interpret multiplicative linear logic with free weakening. Sections 01 and 
are devoted to present instances of the framework together with soundness results for elementary, 
soft and light affine logics. Section {7\ presents a further specialization of length spaces and a new 
soundness theorem for LFPL based on it. 

Related- Work Realizability has been used in connection with resource-bounded computation 
in several places. The most prominent is Cook and Urquhart work |]y, where terms of a language 
called PV" are used to realize formulas of bounded arithmetic. The contribution of that paper 
is related to ours in that realizability is used to show "polytime soundness" of a logic. There are 
important differences though. First, realizers in Cook and Urquhart £|] are typed and very closely 
related to the logic that is being realized. Second, the language of realizers PY° only contains 
first order recursion and is therefore useless for systems like LFPL or LAL. In contrast, we use 
untyped realizers and interpret types as certain partial equivalence relations on those. This links 
our work to the untyped realizability model HEO (due to Kreisel This, in turn, has also 

been done by Crossley et al. [5]. There, however, one proves externally that untyped realizers (in 
this case of bounded arithmetic formulas) are polytime. In our work, and this happens for the first 
time, the untyped realizers are used to give meaning to the logic and obtain polytime soundness 
as a corollary. Thus, certain resource bounds are built into the untyped realizers by their very 
construction. Such a thing is not at all obvious, because untyped universes of realizers tend to be 
Turing complete from the beginning to due definability of fixed-point combinators. We get around 
this problem through our notion of a resource monoid and addition of a certain time bound to 
Kleene applications of realizers. Indeed, we consider this as the main innovation of our paper and 
hope it to be useful elsewhere. 

2 A Computational Model 

In this paper, we rely on an abstract computational framework rather than a concrete one like 
Turing Machines. This, in particular, will simplify proofs. 

Let L C S* be the set of finite sequences over the alphabet S. We assume a pairing function 
(•,•}: L x L — ► L and a length function | • | : L — » N such that \{x,y)\ = \x\ + \y\ + cp and 
|x| < length(x), where length(x) is the number of symbols in x and cp is a fixed constant. We 
assume a reasonable encoding of algorithms as elements of L. We write {e}(x) for the (possibly 
undefined) application of algorithm e G L to input x G L. We furthermore assume an abstract time 
measure Time({e}(x)) G N such that Time({e}(x)) is defined whenever {e}(x) is and, moreover 

• {e}(x) can be evaluated on a Turing machine in time bounded by p( Time({e}(x)) + |e| + |x|), 
where p : N — > N is a fixed polynomial. 

• For each Turing machine M running in time / : N — ► N, there is e G L so that {e}($(x)) = 
$(?/), (where y is the result of running M on input x). Furthermore, Time({e}(Q(x))) = 
0(f(\x\)). 

• B = {0, 1}* can be embedded into L by a map <& : B — ► L such that both $ and $ 1 can be 
computed in polynomial time. 

• There are e ,ei G L such that for every x G B, {e }(<I>(x)) — $(0x), {ei}($(x)) = $(lx). 
Moreover, Time{{e }{x)) = Time ({a} (x)) = 0(1). 

• There is e comp (composition) such that for every x, y it holds that {e comp }((x, y)) — z where 
\z\ = \x\ + \y\ +0(1) and {z}(w) = {y}({x}(w)); moreover, Time({e comp }((x,y))) = 0(1) 
and Time({e comp }(w)) = Time({x}(w)) + Time({y}({x}(w))) + 0(1). 

• There is (identity) such that {eid}(x) = x for every x and Time ({e id} (x)) = O(l). 

• For every x G L there is e x const such that {e x const }(y) = x and Time ({e x const }(y)) = 0(1). 

• For every x G L there is e x ensconst such that {e x tensconst }(y) = (y, x) and Time({e x ensconst }(y)) = 
0(1). 

• There is e t hrowfirst such that for every x G L {e throw first] ((x, y)) = y and Time ({e thr ow first} ((x, y))) = 
0(1). 

• There is e swap (swapping) such that {e swap }({x, y)) = (y,x) and Time({e swap }(z)) < O(l). 
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• There is etens (tensor) such that for every x {et eTls }(x) = y where \y\ = \x\ + O(l) and 
{y}((z,w)) = ({x}(z),w); moroever, Time({e tens }(x)) = 0(1) and Time({y}((z, w))) = 
Time({x}(z)) + 0(1). 

• There is e ass i (rebracketing) such that {e ass i}((x, (y, z))) = ((x, y), z) and Time({e ass i}(x)) = 
0(1). 

• There is e contr (duplication, copying) such that {e contr }(x) = (x,x) and Time({e contr }(x)) = 
0(\x\). 

• There is e eval (application) such that {e eva i}{(x, y)) = {x}(y) and Time({e eval }({x, y))) = 
Time({x}(y))+0(1). 

• There is e curry (currying, "smn-theorem" ) such that, for each x, y = {e curry }(x) exists and 
satisfies \y\ — \x\ + 0(1) and Time({e curry }(x)) = O(l); moreover, for every z, c z = {y}(z) 
exists and satisfies \c z \ — \y\ + \z\ + O(l) and Time({y}(z)) = O(l); finally, for every w, 
{c z }(w) — {x}((z, w)) and Time({c z }(w)) — Time({x}((z, w))) + O(l). 

There are a number of ways to instantiate this framework. One noticeable and simple way consists 
in using call-by-value lambda calculus and is described in the following. S will be {A, @, 0, !.,►}. 
To any lambda term M £ A, we can associate a string M# £ E* in the obvious way. For example, 
if M = (\x.xy)(Xx.Xy.Xz.x), then M # is 

@A@^0^AAA^10 

In other words, free occurrences of variables are translated into while bounded occurrences of 
variables are translated into^s, where s is the binary representation of the dcBruijn index for the 
occurrence. L will just be the set of strings in S* corresponding to lambda terms via the mapping 
we just described. In the following, we will often write a lambda-term in the usual notation, but 
this is just syntactic sugar for the corresponding element of L. The abstract length \s\ of s 6 L 
is just length(s). The map $ : B — > L is defined by induction as follows: 

$(e) = Xx.Xy.Xz.z 
$(0s) = Xx.Xy.Xz.x$(s) 
$(ls) = Xx.Xy.Xz.yQ(s) 

Given M, N £ A, consider the following definitions: 



(M,N) 




Xx.xMN 


Mo 




Xx.Xy.Xz.Xw.yx 


Mi 




Xx.Xy.Xz.Xw.zx 


M com p 




Xx.Xy.Xz.x(yz) 


M ld 




Xx.x 


^ const 




Xx.N 


M N 

tensconst 




Xx.Xy.yxM 


M throw first 




Xx.x(Xy.Xz.z) 


M swa p 




Xx.x(Xy.Xw.Xz.zwy) 


M t ens 




Xx.Xy.y(Xz.Xq.(Xy.Xw.wyq)(xz)) 


M ass i 




Xx.x(Xy.Xw.w(Xz.Xq.Xr.r(Xs.syz)q)) 






Xx.Xy.yxx 


M eva i 




Xx.x(Xy.Xw.yw) 


M CUrr y 




Xx.Xy.Xw.x{Xz.zyw) 



Values are abstractions and variables. We consider call-by-value reduction on lambda terms, i.e. 
we take — > as the closurure of 

(Xx.M)V -» M{x/V} 
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under all applicative contexts. The application {M}(N) of two lambda terms is the normal form 
of MN relative to the call- by- value reduction (if one exists). We now define a (ternary) relation 
-» C A x N x A. In the following, we will write M -» N standing for (M, n, N) G^> The precise 
definition of -» (in SOS-style) follows: 

M^N n = max{l, \N\ - \M\} M^N N™L 



n n+m 

m -» m m -» n m -» L 

It turns out that for every M, N such that L is the normal form of MN, there is exactly one 
integer n such that MN -» L. So, defining Time({M}(N)) to be just n is unambiguous. All the 
axioms listed at the beginning of this section can be proved to be satisfied by this calculus. 



3 Length Spaces 

In this section, we introduce the category of length spaces and study its properties. Lengths will 
not necessarily be numbers but rather elements of a commutative monoid. 
A resource monoid is a quadruple M = (\M\, +, <m, I'm) where 

(i) (\M\, +) is a commutative monoid; 

(ii) <m is a pre-order on \M\ which is compatible with +; 

(iii) T> M : {(a, (3) \ a <m (3} — > N is a function such that for every a, (3, 7 

V M (a,(3)+V M {l3,j) < T>M(a,j) 

V M (a,f3) < P M (a + 7,/3 + 7 ) 

and, moreover, for every n € N there is a such that £>m(0, a) > n. 
Given a resource monoid M = (\M\, +, <m, D m), the function Tu ■ \M\ — > N is defined by 
putting JT M (a) = T>m(0, a). We abbreviate a + ■ ■ ■ + a (n times) as n.cr. 

Let us try to give some intuition about these axioms. We shall use elements of a resource 
monoid to bound data, algorithms, and runtimes in the following way: an clement ip bounds an 
algorithm e if Tui^p) > |e| and, more importantly, whenever a bounds an input x to e then there 
must be a bound (3 <m <P + ct for the result y — {e}(x) and, most importantly, the runtime of 
that computation must be bounded by T>m(P, ip + a). So, in a sense, we have the option of either 
producing a large output fast or to take a long time for a small output. The "inverse triangular" 
law above ensures that the composition of two algorithms bounded by ipi and ip2, respectively, 
can be bounded by ipi + <p2 or a simple modification thereof. In particular, the contribution of the 
unknown intermediate result in a composition cancels out using that law. Another useful intuition 
is that T>m{oi, (3) behaves like the difference /3 — a, indeed, (/? — a) + (7 — (3) < 7 — a. 

Lemma 1 If M is a resource monoid, then T>m is antitone on its first argument and monotone 
on its second argument. 

Proof. If a <m (3, then 

V M {a,j) > V M (a,(3)+V M {l3,j) >D M (/3,7); 
T> M {l,a) < V M {l,a)+V M {a,l3)>VM{l,l3). 

This concludes the proof. □ 

A length space on a resource monoid M = (\M\, +, <m,T^m) is a pair A — (\A\, \\~a), where \A\ is 
a set and Ih^ClMlxLxlvllisa (infix) relation satisfying the following conditions: 

(i) If a, e \\~a a, then J"m(o!) > |e|; 

(ii) For every a G there are a, e such that a, e Ih^ a 

(iii) If a, e Ih^ a and a < M [3, then (3, e \\~a a; 

(iv) If a, e \\~a a and a, e \\~a b, then a = b. 
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The last requirement implies that each element of \A\ is uniquely determined by the (nonempty) 
set of it realisers and in particular limits the cardinality of any length space to the number of 
partial equivalence relations on L. 

A morphism from length space A = (|^4| , Ih^) to length space B = {\B\,\\~b) (on the same 
resource monoid M = (|M|, +, <m, D m)) is a function / : \A\ — > \B\ such that there exist 
e G L = £*, ip G \M\ with Tu{p) > |e| and whenever a,d \\~a a, there must be (3, c such 
that 

(i) P,c\\-b f{a); 

(ii) /3 <m p + ct; 
(hi) {e}(d) = c; 

(iv) Time({e}(d)) <V M {f3,p + a) 

We call e a realizer of / and ip a majorizer of /. The set of all morphisms from A to B is denoted 
as Hom(A, B). If / is a morphism from A to B realized by e and majorized by ip, then we will 
write / : A B or <p, e \^a^>b f ■ 

Remark 1 is possible to alter the time bound in the definition of a morphism to Time({e}(d)) < 
T>m((3, p + ol)Fm(oi + <p). This allows one to accommodate linear time operations by padding the 
majorizer for the morphism. All the subsequent proofs go through with this alternative definition, 
at the expense of simplicity and ease of presentation, 

Given two length spaces A = (\A\,\\~a) and B = (\B\,\\~b) on the same resource monoid M, 
we can build A® B = (\A\ x \B\, \^a®b) (on M) where e, a \\~a®b (a, b) iff Tm{o) > e and there 
are /,ff,/3,7 with 

5,7 U- B b 

e = (f,g) 

a > M P + 7 

A (g) B is a well-defined length space due to the axioms on M. 

Given A and B as above, we can build A —o B = (Hom(A, B), \\-a^b) where e, a \\~a^b f iff 
/ is a morphism from A to B realized by e and majorized by a. 

Morphisms can be composed: 

Lemma 2 (Composition) Given length spaces A, B, C, there is a morphism 

comp :(B^C)®{A^B)^(A^C) 
such that comp(f,g) — Xx.f(g(x)). 

Proof. Let / : A B and g : B — -> C. We know there are constants p, q, r such that 
{e CO mp}((x,y)) = z where \z\ < \x\ + \y\+p and {z}(w) = {y}({x}(w)); moreover, Time({e comp }((x, y))) < 
rand Time({e C omp}(w)) — Time({x}(w))+ Time({y}({x}(w)))+q. Now, let us now choose /j, such 

that J-m(h) > P+Q, We will prove that comp(f, g) : A z,v ^tt^ tl (j Obviously, J 7 m(p + '4' + t 1 ) > \z\. 
If a, w \\~a a, then there must be (3, t such that (3,t \\~b /(«) and the other conditions prescribed 
by the definition of a morphism hold. Moreover, there must be 7, s such that 7, s he g{f{o)) and, 
again, the other conditions are satisfied. Putting them together, we get: 

7 <m P + ip <m a + ip + ip < M a + ip + ip + fj, 

and 

Time({z}{w)) < Time({x}{w)) + Time({y}(t)) + q 

< V M {f3,a + ip)+V M {l,(3 + i))+J : M{n) 

< V M {l3 + i),a + y + i))+VM{l,l3 + i))+VM{Q,n) 

< T> M ('y,a + tp + ip + fj) 

This concludes the proof, since comp : (B C) ® (A —o B) ^-®h^ A — o C where £ is such that 
^m(0 > r + \e comp \. □ 
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Basic morphisms can be built independently on the underlying resource monoid. Noticeably, they 
correspond to axiom of multiplicative linear logic: 

Lemma 3 (Basic Maps) Given length spaces A, B, C , there are morphisms: 

id : A—f A 
swap : A® B -> B ® A 

assl : A® (B ® C) -> (A® B) ® C 

eval : A ® (A -o B) B 
cum/ : ((A ® B) -o C) ^ -° (B -° C) 

where 

id(a) = a 
swap(a,b) — (b,a) 
assl(a, (b,c)) = ((a,b),c) 
eval(a,f) = f(a) 
curry(f) — Xa.Xb.f(a, b) 

Proof. We know that {eid}(d) takes constant time, say at most p. Then, let ifa 6 M be such that 
Fui}Pid) > V + \&%d\ (this can always be done). Now, let a, d \\~a a. We have that a, d \\~a id(a), 
a <m a + ip td , {e id }(d) = d. Moreover 

Time({e ld }(d)) < p< Ttd^Pid) = V m(0, tpid) 
< V M {a,a + ip ld ) 

This proves id to be a morphism. 

We know that {e swap }((d, c)) takes constant time, say at most p. Then, let ip swap S |M| 
be such that Tu^id) > P + \e SW a P \- Now, let a, e \\-a®b (a,b). This i that e = (<£, c) and 
a, (c, c?) Ihs 8j 4 (6, a). We can then apply the same argument as for id. In particular: 

Time({e swap }(e)) < p < T M ( fswa P ) = V m(0, <p swap ) 
< V M {a, a + (p swap ) 

This proves swap to be a morphism. We can verify assl to be a morphism exactly in the same 
way. 

We know that {e eva i}((d, c)) = {<i}(c) and {e ewa ;}((d, c)) takes constant overload time, say at 
most p. tfevai is chosen as to satisfy Tu{fevai) > V- Let now a, e \\-a®(A-oB) i a ,f)- This means 
that e = (d, c) and there are [3 and 7 such that 

/3, d Ih^ a 

a >m /3 + 7 
^Af(a) > ^m(/3) + ^m(7) + C P 

From 7, c Ih^^s / it follows that, by the definition of a morphism, there must be S,h such 
that 

(i) 5,h\\- B f(a) 

(ii) <5<m/3 + 7 

(iii) {c}(d) = ft 

(iv) nroe({c}(d)) < D M (^/3 + 7) 

From <5 <m /? + 7 and /3 + 7 <m a, it follows that S <m ol <m a + /i. Moreover: 

Time({e eval }((d,c))) < p + Time({c}(d)) < T M {Veval) +V M {6, + 7) 

< FM&eval) +V M {5,P + l) +V M {P + l,a) 

< T> M {0,ip eva i) +V M (S,a) 

< T> M (S, a + tp eV al) 
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Now, let us prove that curry is a morphism. First of all, we know there must be constants p,q,r,s,t 
such that, for each e, x, y, there are d and c x with 



Time ({e curr y} (e)) 
d 
\d\ 

Time({d}(x)) 
|c*| 

Time({c x }(y)) 
{e}«x,y» 



< 

< 
< 

< 
< 



P 

curry } (^) 

\e\+q 
r 

{d}(x) 

|e| + \x\ + s 

Time({e}((x,y)))+t 



Let fi, 6, £ e \M\ be such that 



Tm (/•*) 
Tm(j]) 



> 
> 
> 
> 
> 
> 



P 
Q 
r 
s 
t 

cp 



Let now 7, e \\~a®b^c /■ We know that \d\ < \e\ + q and Time({e cur r y }(e)) < p. In order to 
prove that curry is indeed a morphism realized by e curry and majorized by p + £, + <r + 6 + x + il> 
it then suffices to prove that 

j + fj, + a + 9 + x + 0,d I^a^b^c \a.Xb.f(a, b). 

Let then a,x \\~a a. There is c x such that c x = {d}(x), \c x \ < \e\ + \x\ + s and Time({d}(x)) < 
r. In order to prove that Xa.Xb.f(a,b) is indeed a morphism realized by d and majorized by 
7 + /i + cr + + X + ? ?! it then suffices to prove that 7 + a + p + theta + x + V> c x \\~b-°c A6./(a, 6). 
Let then fi, y Ihs b. There are <5, c such 8, c \\~c f(a, b), where 8 < a + fi + \ + 7- Moreover, we 
know that 

Time{{c x }{y)) < Time{{e}((x,y))) + 1 < V M {8, a + fi + x + 1) + 1 

< V M (S,a + l3 + ~f + x) + V M {0,r ] + V + 0) 

< V M (5,a + [3 + -/ + X + V + P + d) 

This concludes the proof. □. 
Length spaces can justify the usual rule for tensor as a map-former: 
Lemma 4 (Tensor) Given length spaces A, B, C, there is a morphism 

tens :{A^B)^ {{A ®C)^>{B® C)) 
where tens(f) = Xx.(f(ni(x)),TT2(x)). 

Proof. Let / : A — ^ B. We know there are constants p, q such that {et en s}{x) — y where \y\ < 
\x\ +p and {y}((z,w)) = {{x}(z),w); moroever, Time({e te ns}(x)) < q and Time({y}({z, w))) < 
Time({x}(z)) + r. Then, take ip £ \M\ such that ■T-m(V') > P + r, put a = tp + ip + fi, where 
J~m{p) > cp. Suppose a, (z,w) IHa®c ( a , c )- By definition, there are fi, 7 such that 

fi, z \\~a a 
7, w \\~c c 
a > M fi + 7 
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By hypothesis, there are 6, t such that 

S,t\\- B f(a) 
S < M <P + P 
{e}{z) = t 
Time{{e}{z)) < V M (S,<p + {3) 

Then, 7 + 6 + /i, (t, w) \\-b®c (/(a), c). Moreover, 

7 + <5 + /u <m 7 + tp + (3 + fx <m a + ip + (i <m a + a 

Finally: 

Time({y}({z, w})) < Time({x}(z)) + r 

< V M (5,ip + p)+T M W 

< V M (6,tp + /3 + Tp) 

< V M (j + S + [i,7 + (p + /3 + ii + 'ip) 
= P M (7 + <5 + /x,7 + y 3 + cr) 

= V M {l + S + n,a + a) 



This concludes the proof, since tens : (A -o B) 

tens I ■ 

Thus: 



(A <g> C) -o (B (8) C) where £ is such that 
□ . □ 



Lemma 5 Length spaces and their morphisms form a symmetric monoidal closed category with 
tensor and linear implication given as above. 

A length space / is defined by |/| = {0} and a, e Ih^ when Tm{o) > |e|. For each length space 
A there are isomorphisms A ® / — A and a unique morphism A—* I. The latter serves to justify 
full weakening. 

For every resource monoid M, there is a length space B M = ({0, 1}*, lh Sjv/ ) where a, $(t) lh Bju t 
whenever Tm{oi) > \t\. The function s (respectively, Si) from {0,1}* to itself which appends 
(respectively, 1) to the left of its argument can be computed in constant time on the abstract 
computational model and, as a consequence, is a morphism from Bm to itself. 

3.1 Interpreting Multiplicative Affine Logic 

We can now formally show that second order multiplicative affine logic (i.e. multiplicative linear 
logic plus full weakening) can be interpreted inside the category of length spaces on any monoid M. 
Doing this will simplify the analysis of richer systems presented in following sections. Formulae of 
(intuitionistic) multiplicative affine logic are generated by the following productions: 

A ::= a \ A -o A\ A<Z> A\ Va.A 

where a ranges over a countable set of atoms. Rules are reported in figure ^ A realizability 
environment is a partial function assigning length spaces (on the same resource monoid) to atoms. 
Realizability semantics \A\^ of a formula A on the realizability environment 77 is defined by 
induction on A: 



\A®B\® 
{A ^ Bjf 



77(a) 

[< 
\A\f 



JI77 \l^Urj 

Wa.A]*\,H-p a .jqm) 
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Identity, Cut and Weakening. 



I a i r~> U =; JT , , W 



Multiplicative Logical Rules. 



T,A®B\-C r,AhA®B r,A,A^ B h C rhi^B 

Second Order Logical Rules. 

hr,i[C/a]hB v rhi a(jtFV(T) y 
T,Va.A h B L r h Va.A ^ 

Figure 1: Intuitionistic Multiplicative Affine Logic 



where 

|[Va.A]f| = [] IM*<~c]l 

Here ^ stands for the class of all length spaces. A little care is needed when defining the product 
since strictly speaking it docs not exist for size reasons. The standard way out is to let the 
product range over those length spaces whose underlying set equals the set of equivalence classes 
of a partial equivalence relation on I. As already mentioned, every length space is isomorphic to 
one such. When working with the product one has to insert these isomorphisms in appropriate 
places which, however, we elide to increase readability. 

If n > and Ai, . . . , A n are formulas, the expression \A\ <g> . . . <g> A n J® stands for I if n = 

and[4i®...®A,-il£®|[A n ]*ifn>l. 

4 Elementary Length Spaces 

In this section, we define a resource monoid C such that elementary affine logic can be interpreted 
in the category of length spaces on C We then (re)prove that functions representable in EAL are 
elementary time computable. 

A list is either empty or cons(n, I) where n € N and I is itself a list. The sum I + h of two lists 
I and h is defined as follows, by induction on I: 

empty + h = h + empty = h 
cons(n,l) + cons(m,h) = cons(n + m,l + h) 

For every e e N, binary relations < e on lists can be defined as follows 

• empty < e I; 

• cons(n, I) < e cons(m, h) iff there is d G N such that 

(i) n < 3 e (m + e) - d; 

(ii) l< d h. 

For every e and for every lists I and h with I < e h, we define the natural number V e (l,h) as 
follows: 

T> e {empty, empty) = 0; 
V e (empty, cons (n, I)) = 3 e (n + e) + 2? 3 e( n+e ) (empty, I); 
V e (cons(n,l), cons(m,h)) = 3 e (m + e) - n + X> 3 e( m+e )_„(7, /i); 
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Given a list I, U stands for the list cons(0, 1). The depth depth(l) of a list I is defined by induction 
on I: depth(empty) = while depth(cons(n, I)) = depth(l) + 1. |2| stands for the maximum integer 
appearing inside I, i.e. \empty\ — and \cons(n,l)\ — max{n, |Z|}. For every natural number n, 
[n]c stands for cons(n, empty). 

We can now verify that all the necessary conditions required by the definition of a resource 
monoid are satisfied. To do this, we need a number of preliminary results, which can all be proved 
by simple inductions and case-analysis: 

Lemma 6 (Compatibility) empty < e I for every I. Moreover, if I, h,j are lists and I < e h, then 
l+j <e h + j. 

Proof. The first claim is trivial. To prove the second, we proceed by an induction on j. If 
j = empty, then I + j = I < e h = h + j. Now, suppose j — cons(n,g). If h = empty, then 
I = empty and, clearly l+j = j < e j = h + j . If I = empty, we have to prove that j < e h + j. Let 
h = cons(m, /); then 

n < n + m < 3 e (n + m + e) — 
9 <o 9 + f 

which means j < e h + j. Finally, suppose I — cons{m, /), h = cons(p, r). Then we know that 

m < 3 e (p + e)-d 
f <d r 

But then, by inductive hypothesis, 

m + n < 3 e (p + e) + n-d<3 e (p + n + e)-d 
f + g <d r + g 

which yields I + j < e h + j . □ 

Lemma 7 (Transitivity) Ifl,h,j are lists and I < e h, h <d j, then I <d+ e j- 

Proof. We can suppose all the involved lists to be different from empty, since all the other cases 
are trivial. I = cons(n,g), h — cons(m,f) and j = cons(p,r). From the hypothesis, we have 

n < 3 e (m + e)-c 

to < 3 d (p + d)-b 

9 <c f 

f <b r 

But then, by inductive hypothesis, we get 

n < 3 e (to + e) - c < 3 e (3 d (p + d)-b + e)-c< 3 e 3 d (p + d + e)-b-c = 3 e+d (p + d + e) - (b + c) 
9 <c+b r 



This means I <d+ e j- □ 
Lemma 8 if l,h,j are lists and I < e h, then V e (l, h) < T> e (l + j, h + j) 

Proof. We proceed by an induction on j. If j = empty, then I + j = I and h + j = h. Now, 
suppose j = cons(n,g). If h = empty, then I = empty and, clearly l+j = j = h + j. If I = empty, 
let h = cons(m, f); then 

V e (l,h) = V e (empty,h) = 3 6 (m + e) + V 3 , {m+e) (empty, f) 

< 3 6 (to + e) + Tn - 3 e n + V 3 . (m+e)+3 . n _ 3 . n (g, g + f) 

< ¥{m + n + e)-n + V y{m+n+e )_ n (g, g + f) 
= V e (j,h + j)=V e (l+j,h + j) 
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Finally, suppose I — cons(m, /), h — cons(p,r). Then we know that 

V e (l,h) = 3 e (m + e) -p + V 3 e {m+e) _ p (f,r) 

< 3 e (m + e) - p + D 3e ( m+e )_ p (/ + g,r + g) 

< 3 e (m + e) + 3 e n- (n + p) + V y(m+e)+3 . n _ n _ p (f + g,r + g) 
= 3 e (m + n + e) - (n + p) + T> 3 ^ m+n+e) _ {n+p) (f + g,r + g) 

= V e (l+j,h + j) 

Lemma 9 ///, h,j are lists and I < e h, h < d j, then T> e {l, h) + V d (h,j) < T> e+d (l, j)- 

Proof. If either h = empty or j = empty, then the thesis is trivial. So suppose h = cons(n,g) 
and j — cons(m, /). If I — empty, then 

T> e (l,h) +V d (h,j) = 3 e (n + e) + V 3 . {n+e) (empty , g) + 3 d (m + d) - n + T> 3 . (m+d) _ n (g, /) 

< 3 e (n + e) + 3 d (m + d)-n + T> 3 ? {n+e)+3d{m+d) _ n (empty , /) 

< (3 e - l)n + 3 e e + 3 d (m + d) + V (3 ._ 1]n++3 , e+3d[m+d] (empty, /) 

< (3 e - l)3 d (m + d) + 3 e e + 3 d (m + d) + V (3c _ 1)3d(m+d)+3Ce+3d(m+d) (empty, f) 
= 3 d+e (m + d+ e) + V 3d+Hrn+d+e) (empty, /) 

= T> e+d (l,j) 

If I = cons(p,r), then 

V e (l,h) +V d (h,j) = 3 e (n + e) - p + T> 3Hn+e) _ p (r, g) + 3 d (m + d) - n + V 3 d^ m+d) _ n (g, f) 

< 3 e {n + e) - p + 3 d (m + d) - n + T> 3 e {n+e) _ p+3d{m+d) _ n (r, /) 

< (3 e - l)n + 3 e e + 3 d (m + d) - p + T> {3 *_ 1)n+3 e e+3 * (m+d) _ p (r, f) 

< (3 e - l)3 d (m + d)+ 3 e e + 3 d (m + d) - p + V {3 ^ 1)3d{m+d)+3 . e+3d(m+d) _ p (r, f) 
= 3 d+e (m + d + e)-p + T> 3d +. {m+d+e) _ p (r, f) 

= ?>e+d(lj) 

This concludes the proof. □ 
\C\ will denote the set of all lists, while <£,X>£ will denote <o and T>q, respectively. 
Lemma 10 C = (\C\, +, ) * s a resource monoid. 

Proof. (C,+) is certainly a monoid. Compatibility of <£ follows from lemmas El and [7] The 
two required property on T>£ come directly from lemmas |H] and |5J If n 6 N, observe that 
Tc(cons(n, empty)) = n. This concludes the proof. □ 

An elementary length space is a length space on the resource monoid (|£|, +, <£, T>c). Given an 
elementary length space A = (\A\,\\-a), we can build the length space IA — (\A\,\\-\a), where 
l,e a iff h, e Ih^ a and I >jr}h. The construction ! on elementary length spaces serves to 
capture the exponential modality of elementary afhne logic. Indeed, the following two results 
prove the existence of morphisms and morphisms-forming rules precisely corresponding to axioms 
and rules from EAL. 

Lemma 11 For every e S N and for every I £ C, I + I <i I and T> e+ i(l + 1,1) > 2? e (0, 1). 

Proof. The inequality I + I <i I can be proved by induction on I. The base case is trivial. If 

I = cons(n, h), then 

n + n < 3n + 3-l = 3 1 (n + l)-l 
h + h<x h 
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The second inequality can be proved by induction on I, too. The base case is trivial. If I 
cons(n, h), observe that 

V e+1 (l + l,l) = 3 e+1 (n + e + l)-2n + V 3 e +Hn+e+1) _ 2n (h + h,h) 
V e (0,l) = 3 e {n + e) + V 3Hn+e) (0,h) 



But 



T +1 (n + e+ 1) - 2n = 3 e (n + e + 1) + 2(3 e )(n + e + 1) - 2 



> 3 e (?i + e + 1) + 2n - 2n > 3 e {n + e) + 1 

This concludes the proof. □ 

Lemma 12 (Basic Maps) Given elementary length spaces A, B , there are morphisms: 

contr : \A -^\A(&\A 
distr : \A®\B —>\(A ® B) 

where contr(a) = (a, a) and distr(a,b) — (a,b) 

Proof. We know {e contr }(d) takes time |d| +p, where p is a constant. Then, let l,h £ £ be such 
that T C {1) > P+\e CO ntr\, Fc{h) > cp. Define l con tr to be l + h+[l] C - Clearly, Tc{l C ontr) > \e CO ntr\ 
Now, let j, d \\-\a a. This implies that j >c*-k where k, d \\~a a. Then: 

h+\k+\k > c lk+\k 
F £ (h+lk+\k) > J 7 c (h)+ F c {\k)+ T c {\k) 
> cp + T c {\k)+T c {\k) 

This yields h+\k+\k, e \\-\.A®lA (a, a). By lemma ITT1 h+\k+\k < c h+\k + [l] c <c h + j + [l]c <c 
3 + lcontr- Finally, 

Time{{e contr }{d)) < \d\ + p < F c (k) + p < V c (\k+\k, \k + [l] c ) + F c (l) 

< V c (\k+\k,\k+[l]c + l) 

< V c (lk+\k + h,lk+[l}c + l + h) 
= Vc{lk+\k + h,lk + l contr ) 

This proves contr to be a morphism. 

Let edistr = eid- We know {eid}(d) takes constant time, say p. Then, let I, h £ C be such that 
Fc(l) > P+ \edistr\, Fc(h) > cp. Uistr is then defined as l+lh. Now, let j, (d, c) \\-\a®\b (a, »)■ This 
means that j >\k+\i, where k,d \\~a cl and i,c \\~b b. This in turn means that k + i + h, (d,c) \\~a®b 
(a, 6) and !(fc + % + h), (d, c) \\-ua®b) (a, 6). Moreover 

!(fc + i + h) =\k+\i+\h < c j + lh < c j + Idistr 

Finally: 

Time({e d istr}((d,c))) < p < Tc($) 

< ■D c (\(k + i + h),j+\h)+Fc(l) 

< V c (\(k + i + h),j+lh + l) 

< V c (l(k + i + h),j + l d istr) 

This proves distr to be a morphism. □ 
Lemma 13 (Functoriality) If f : A B. then there is -0 such that f :\A ^—*IB 
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Exponential Rules and Contraction. 



rh A p TAAAAhB ^ 



THA r,!ihB 



Figure 2: Intuitionistic Elementary Affmc Logic 



Proof. Let 8 be lip and suppose d, I \\-\a a. Then I >\h, where d, h \\~a a - Observe that there 
must be j, c such that c,j \\~b /(a), j <£ h + ip and Time({e}(d)) < T>c(j,h + ip). But then 
c, !j Ihs /( a ) and, moreover 

{] <c \{h + <p)=\h+\p< c \h + 6 
Time({e}(d)) < V c (j, h + <p)< V c (\j, \(h + p)) 
< T>cQj,\h+\<p))<V c (lj,l + &) 

This means that / :L4 ^U\B. □ 
Elementary bounds can be given on Fc(J) depending on \l\ and depth (I): 

Proposition 1 For every n £ N there is an elementary function p n : N — > N such that Tc{l) < 

Pdep*fe(/)(|^|)- 

Proof. We prove a stronger statement by induction on n: for every neN there is an elementary 
function q n : N 2 — > N such that for every i", e, T> e (empty, I) < qdepthtl) (1^1 j e )- First of all, we know 
that T> e {empty, empty) = 0, so go is just the function which always returns 0. q n +i is defined from 
q n as follows: q n +i(x,y) = 3 v (x + y) + q n (x, 3 y (x + y)). Indeed: 

T> e (empty, cons (n, I)) = 3 e (rt + e) + T> 3 c^ n+e ^(empty,l) 

< 3 e (\cons(n, l)\ + e) + qde P th(i){\l\,3 e (n + e)) 

< 3 e (\cons(n, l)\ + e) + q depth ^(\cons(n,l)\,3 e \cons(n,l)\ + e) 

cons(n, 

i)){\cons{n : l)\,e) 

At this point we just put p n {x) = <7„(ir, 0). □ 

We emphasize that Proposition^does not assert that the mapping (n, m) i— > p n (m) is elementary. 
This, indeed, cannot be true because we know EAL to be complete for the class of elementary 
functions. If, however, A C C is such that I € A implies depth(l) < c for a fixed c, then 
(! £ 4) H» Pdeptfr(z)(KI) is elementary and it is in this way that we will use the above proposition. 

4.1 Interpreting Elementary AfRne Logic 

EAL can be obtained by endowing multiplicative affine logic with a restricted modality. The 
grammar of formulae is enriched with a new production A ::=\A while modal rules are reported 
in figure|2] Realizability semantics is extended by =![AJ*. 

Theorem 1 Elementary length spaces form a model of EAL. 

Now, consider the formula 

Lzs^eal = Va.!(a — o a) — o!(a — o a) — °!(a — o a) 

Binary lists can be represented as cut-free proofs with conclusion List^AL- Suppose you have 
a proof 7r :P List£M_ —°l k List^M.- From the denotation \tt\^ we can build a morphism g from 
[-ListEAiJ* to Be by internal application to e, sq, si. This map then induces a function / : B — ► B 
as follows: given w G B, first compute a realizer for the closed proof corresponding to it, then 
apply g to the result. 
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Exponential Rules and Contraction. 



r h a 
\t\-ia 



p 



T,A,...,A\- B 

tJaFb 



C 



Figure 3: Intuitionistic Soft Affine Logic 



Remark 2 Notice that elements of Be can all be majorized by lists with unit depth. Similarly, 
elements of [LisiEALj^ corresponding to binary lists can be majorized by lists with bounded depth. 
This observation is essential to prove the following result. 

Corollary 1 (Soundness) Let it be an EAL proof with conclusion \-P List^Ai —°l k ListEhi and let 
f : L — > L be the function induced by [tt] . Then f is computable in elementary time. 

The function / in the previous result equals the function denoted by the proof tt in the sense of 
|10j . This intuitively obvious fact can be proved straightforwardly but somewhat tediously using 
a logical relation or similar, see also [TT)] . 

5 Soft Length Spaces 

The grammar of formulae for SAL is the same as the one of Elementary Affine Logic. Rules are 
reported in figure|3| We here use a resource monoid whose underlying carrier set is \T\ = \C\ x N. 
The sum (l,n) + (h,m) of two elements in \2\ is defined as (I + h,max{n,m}). For every e £ N, 
binary relations < e on |X| can be defined as follows 

• (empty, n) <o (empty, m) iff n < to; 

• (empty, n) < e (cons(m, l),p) iff there is d £ N such that 

(i) e < m + pd 

(ii) (empty, n) < d (l,p) 

• (cons(n, I), to) < e (cons(p, h), q) iff there is d £ N such that 

(i) e + n < p + qd; 

(ii) (l,m) < d (h,q). 

If a = (l,n) £ |T|, then !a will be the couple (cons(0,l),n) £ \T\. If there is e such that a < e (3, 
then we will simply write a <x f3. For every a and (3 with a <x P, we define the natural number 
T>x(a,(3) as follows: 



Analogously we can define T>x(a,(3) simply as the maximum integer e such that a < e (3. \a\ is the 
maximum integer appearing inside a, i.e. | (Z, rz.) | = max{|/|,m}. The depth depth(a) of a = (l,n) 
is depth(l). 

Lemma 14 (Compatibility) (empty, 0) <o a for every a. Moreover, if a,f3,j £ \T\ and a < e 
(3, then a + 7 < e (3 + 7. 

Proof. The first claim is trivial. To prove the second, we proceed by an induction on the structure 
of the first component of 7. We just consider the case where the first components of a, (3, 7 are all 
different from empty. So, suppose a = (cons(n,l),m), (3 = (cons(p,h),q), 7 = (cons(r, j), s). By 
hypothesis, we get d £ N such that 



Vx((empty, n), (empty, to)) 
Vx ((empty, n), (cons(m,l),p)) 
T>x((cons(n, I), to), (cons(p, h), q)) 



m + pT>x ((empty, n), (l,p)) 
p~n + qV x ((l, to), (h, q)) 







e + n < p + dq 
(l,m) < d (h,q) 
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Then, e+n+r < p+r+dq < p+r+d max{g, s} and, by induction hypothesis, (l+j, max{m, s}) <<2 
(h + j, max{g, s}). This implies that a + 7 < e /? + 7. □ 

Lemma 15 (Transitivity) // a, /3, 7 £ |T| are fots and a< e (3, (3 <d 7, iften a <d+ e 7. 

Proof. We go by induction on the structure of the first component of 7 and we suppose the first 
components of a, (3, 7 to be different from empty. So, let a = (cons(n,l),m), (3 = (cons(p,h),q) 
and 7 = (cons(r, j), s). From the hypothesis, there are c, b £ N such that 

e + n < p + cq 

d + p < r + bs 

(l,m) < c (h,q) 

(h, q) <b (j, s) 

But then, by inductive hypothesis, we get 

(e + d) + n < d + p + cq < r + bs + cq < r + (b + c)s 
(I, m) < c+b (j, s) 

which yields a <d+ e 7- D 
Lemma 16 if a, (3, 7 G I and a < e (3, then T>x(a, (3) < T>j(a + 7, (3 + 7) 

Proof. This is trivial in view of 1 141 and the fact that T>j(a, (3) is just max{e £ N | a < e (3}. □ 
Lemma 17 If a,(3,j el and a < e (3, (3 <d 7, then V e (a, (3) + T>d((3,j) < Pe+^a, 7). 
Proof. This is trivial in view of 1151 and the fact that T>j(a, f3) is just max{e £ N | a < e (3}. □ 
Lemma 18 (X, +, <j, Pi) is a resource monoid. 

Proof. (|Z|,+) is certainly a commutative monoid. Compatibility of <% follows from lemmas ITU 
and 1 151 The two required property on T>z come directly from lemmas ll6l and lT7l If n £ N, observe 
that !Fx((cons(n, empty), 0)) = n. This concludes the proof. □ 

A soft length space is a length space on the resource monoid (I, +, <i,"Dx). 

Given a soft length space A = (\A\, \\~a), we can build the length space IA = (\A\, \\~\a), where 
a, e \\-\a a iff /3,e Ih^ a and a >i\(3. We write [n,m]x for (cons(n, empty), m). 

Lemma 19 For every a£l and for every n, to £ N the following inequality holds: 

n.a <„^ x ( Q ) +m !a + [to, 2n]j 

Proof. Let a — (l,p). We go by induction on i. If Z is empty, then 

n.a — (empty, p) 

\a+[m,2n]z = (cons(m, empty), maxjp, 2n}) 

nJ-x(a) + to = to 

empty <q empty 

This implies the thesis. Moreover, if / = cons(q, h), then 

n.a = (n.l,p) = (cons(nq,n.h),p) 
la + [to, 2n]x = (cons(m,l),uiax{p,2n}) 
nJ-j(a)+m = n(q + pTj(l,p)) + to 
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By induction hypothesis, we get 

(n.h,p) < n r x (h,p)+q l(h,p) + [q,2n]x = (l ) max{p,2n}) 
(n(q + pTxil^v)) + m) + n 1 = 

< 



m 

m - 



2nq + npTx(l,p) 
max{p, 2n}(nJ 7 x(h,p) + q) 



from which the desired inequality easily follows. 



□ 



Lemma 20 (Basic Maps) Given soft length spaces A, B and a natural number n > 1, there are 
raorphisms: 

n times 
contr n : \A — » A ® . . . <g) A 
distr : \A®\B ->\(A <g> B) 

n times 

where contr(a) = (a, . ?. , d) and distr(a,b) = (a, b) 

Proof. We define realizers e™ ontr for every n > 1 by induction on n: 



e-id 

i e contr) e contr 



Clearly, e" ontr is a realizer for contr n . Moreover, Time({e™ ontr }(x)) < n\x\ + q n , where q n does 
not depend on x. Now, let ip n be such that Txi^n) > cp -n and <p™ ontr be [q n , 2n]x + ipn for every 
n > 1. Now, let a,j \\-\a a. This implies a >z!(Z,?n), where (l,m),j \\~a a. Notice that 



n times 
n.(l,m)+ip n ,(j,...,j) U- A 



n times 

7i times 



By lemma El we finally get 

n.(l,m)+^ n <z 



l(l,m) 
l(l,m) 



Time({e n contr }{j)) 



[q n ,2n]x + tp n 

fcontr ^ fcontr + a 

< n\j\ + q n 

< nJ r x(/, m) + q n 

< Vx(n.(l,m),\(l,m) + [q„,2n]x) 

< T>x(n.(l, to), (cons(q n , I), max{m, 2n})) 

< T>x(n.(l, to) + V^n, (cons(q n , I), max{m, 2n}) + tp n ) 

< T>x{n.(l, to) + tp n , [q n ,2n]x + a + ip n ) 

< T>x(n.(l,m)+ip n ,a + <p^ ontr ) 

This proves each e™ on4r to be a morphism. 

Let edistr — Sid- We know {e^H^O takes constant time, say p. Then, let ip, /i S I be such that 
•^i(V') > |edistr|, ^z(a*) > cp. tpdistr is then defined as ip+lfj,. Now, let a, (d, c) \\-\a®\b (a, 6). 
This implies a >l[3+l"f, where (3, d \\~a a and 7,c lh# 6. This in turn implies (3 + j + fi, {d,c) \\~a®b 
(a, b) and !(/3 + 7 + fj,), (d, c) lh(A®B) i a ,b). Moreover 

!(/3 + 7 + /j) =!/3+! 7 +!/a < £ <c a + p dl str 

Finally: 

Time({e distr} {{d, c))) < p < Fc{ip) 

< P £ (!(/3 + 7 + M ),a+! M + ^) 

< T> c (l{f3 + j + n),a + tpdistr) 
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Exponential Rules and Contraction. 



r, a h a 



AY- B 
\AHB 




T,\A,\Ah B 
r, \A\- B 



C 



; r,!Ah§A 



Figure 4: Intuitionistic Light Affine Logic 



This proves distr to be a morphism. 



□ 



Lemma 21 (Functoriality) If f : A - J — » B, then there is tp such that f :\A -^—tlB 

Proof. Let 9 be lip and suppose a, d \\-\a a. Then a >!/3, where (3,d \\~a a. Observe that there 
must be 7,c such that 7, c Ih^ /(a), 7 <£ + V 5 an d Tzme({e}(d)) < T>c(liP + </?)• But then 
!7, c Ihs f(a) and, moreover 



Proposition 2 For every n S N i/iere is a polynomial p n : N — > N sttc/i that J-j(a) < Pdepth(a) (M) 
/or every a 6 |X| . 

Proof. We go by induction on n. First of all, we know that T>z((empty,0), (empty, m)) — 0, so 
Po is just the function which always returns 0. p„+i is defined from p n as follows: p n +i(x) = 
x + xp n (x). Indeed: 

T>i ((empty, 0), (cons (n, I), m)) = n + mVj((empty, 0), (I, m)) 

< |(cons(n,Z),m)| + \(cons(n,l),m)\p depth{{Um ))(\(cons(n,l),m)\) 

P depth ((cons (n,Z) ,m)) 

((cons(n, l),m)). 

This concludes the proof. □ 

Again, we do not claim that (n, m) 1— » p n (m) is a polynomial (c.f. Remark^. 

Theorem 2 Sb/t length spaces form a model of SAL. 

Binary lists can be represented in SAL as cut-free proofs with conclusion 



Corollary 2 (Soundness) Let ir be an SAL proof with conclusion hP List$AL -o\ k Lists/\i and let 
f : L — > L fee £/ie function induced by [ttJ 1 ^. TTien / is computable in polynomial time. 

6 Light Length Spaces 

The grammar of formulae for Light Affine Logic is the one from Elementary Affine Logic, enriched 
with a new production A ::— §A Rules are reported in figure^ Light length spaces are a model of 
Light Affine Logic. The underlying resource monoid is more complex than the ones we encountered 
so far. This complexity is a consequence of the strange behaviour of modality !, which is functorial 
but does not distribute over tensor (i.e. \(A (g> B) ^.\A®\B). 



Time({e}(d)) < P £ ( 7 , (3 + <p) < P £ (! 7 , l((3 + <p)) 
< X> £ (! 7 ,!/34» < V c (h,a + 6) 



This implies / :\A 



IB. 



a 



List$AL = Va.!(a — ° a) —°l(a — o a) —a (a —a a) 
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A tree is either empty or a triple node(n, t, T) where n G N, t is itself a tree and T is a finite 
nonempty set of trees. |T| is the set of all trees. We write [n]r for the tree node(n, empty, {empty}). 
The sum t + s of two trees t and s is defined as follows, by induction on n: 

empty + t = t + empty — t; 
node (n, t , T) + node (m,u,U) = node(n + m,t + u,T U U); 

Here, more sophisticated techniques are needed. For every n, e G N, binary relations <™ on trees 
can be defined as follows 

• t <° u for every (,«£ |T|; 

• empty <" +1 t for every t G |T|; 

• node(m, t, T) <™ +1 empty iff there is d G N such that 

(i) m < e — d; 

(ii) t < r d l 2 empty; 

(iii) For every s G T, s <^ empty. 

• node(m, 1, T) <™ +1 node(l, u, ?7) iff there is d G N such that 

(i) m < I + e — d; 

(ii) There is a function / : {1, . . . , d} — ► t/ such that £ <J, u + 

(iii) For every s G T there is z G U with s <JJ z. 

For every e, n G N and for every trees t and u with £ <" m, we define the natural number V™(t, u) 
as follows: 

V° e (t,u) = 
V'2 +1 {empty 1 empty) = e + D™(empty, empty) 

m+e 

V™ +1 {empty, node{m,t,T)) = m + e + max{£^ m+e)2 (empty, t + ^ /(i))} 

^ »=i 
X>" +1 (nocfe(ra, t, T), empty) = e - m + V™ e _ m y (t, empty) 

l+e—m 

V? +1 (node(m,t,T),node(l,u,U)) = I + e - m + max{D|J +e _ m)2 (t,« + £ /(i))} 

i=l 

If t is a tree, then \t\ is the greatest integer appearing in t, i.e. \empty\ = and |node(n, t, T)\ = 
max{n, \t\, max ue x \u\}. 

The depth depth(t) of a tree i is defined as follows: depth(empty) = and 

depth(node(n,t,Tj) = 1 + ma,x{ depth (t) , max depth(u)}. 

Given a tree t G \T\, we define !t as the tree node{\, empty, {t}) and §t as the tree node(0, t, {empty}). 
In this context, a notion of isomorphism between trees is needed: we say that trees t and u are 
isomorphic and we write t = u iff for every e, n G N and for every tree t; the following hold: 

v<"t & w<"u 

v:( v ,t) = v:{v,u) 

V1{t,v) = V:(u,v) 



Lemma 22 empty = [0]r- Moreover, for every tree t, t + empty = t + [0]r- 
Proof. We have to prove that for every e, n G N and for every tree v: 

v <™ empfy w <" [0]r 

empty <™ v <^ [0]r <" u 
V n e {v, empty) = V n e {v, [0] r ) 
1% (empty, v) = D?([0] r ,«) 
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We go by induction on n, considering the case where n > 1, since the base case is trivial. First of 
all, observe that both empty <" +1 t and [0]r <" +1 t f° r every t. Moreover, empty <™ +1 empty 
and [0]r empty. Suppose now that node(m,t,T) <™ +1 empty. This means that there is d 

such that 

(i) m < e — d; 

(ii) i <^ 2 empty; 

(iii) for every s E T, s < d empty. 

If we put /(i) = empty for every z, we get t <^ 2 empty+^2^ =1 f(i), which yields node(m, t, T) <™ +1 
[0]r- In the same way, we can prove that if node(m,t,T) <" +1 [0]r, then node(m,t,T) <™ +1 

We have: 



X>" +1 (empty , empty) 
V? +1 (empty, [0]r) 
D e " +1 ([0] r , empty) 

V^ +1 (empty, node(m,t, T)) 



V^ +1 (node(m,t, T), empty) 



e + U™ 2 (empty, empty) 
e + V™ 2 (empty, empty) 



e + V™ 2 (empty, empty) 
m + e + max{V^- m+e)2 (empty, t+J2 /(*))} 



m+e 



i=l 



= e 



([0] T ,node(m,t, T)) 

1 + ^(e-rnr (*> 

(node(m,t, T), [0]r) 



Moreover, observe that 

empty + empty = empty = [0]r = [0]r + empty 
node(m, t, T) + empty — node(m, t, T) + [0]r 

This concludes the proof. □ 

Proposition 3 (Compatibility) For every n, e E N, empty <" t for every t and, moreover, if 
t <™ u then t + v<™u + v for every t, u, v. 

Proof, empty <™ t is trivial. The second statement can be proved by induction on n. The base 
case is trivial. In the inductive case, we can suppose all the involved trees to be different from 
empty. Suppose that node(m, t, T) <™ +1 node(l, u, U). We should prove node(m + k, t + v, T U 
V) <™ +1 node(l + k, u + v, U U V). However, 

m + k < (l + e)-d + k=(l + k + e)-d 
d d 
t + v < n d2 u + J2 /(*) + v = u + v + J2 /(*) 

i=l i=l 



Moreover, for every z ET UV there certanily exists w G (7U V such that z <^ w. □ 
Proposition 4 (Transitivity) J/ 1 <" it <^ w, i/ien i <^+ e w - 

Proof. We go by induction on n. We can directly go to the inductive case, since if n = 0, then 
the thesis is trivial. We can assume all the involved trees to be different from empty. Let us 
suppose node(m,t,T) <" +1 node(l,u,U) and node(l,u,U) <' d l+1 node(k,v,V) First of all, we 
have m < I + e — c and I < k + d — b, which yields m < k + d — b + e — c = k + (d + e) — (b + c). 
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Moreover, by hypothesis, there are functions / : {1, . . . , c} — ► U and g : {1 ; . . . , b} — ► V such that 

c 
b 

(=1 

Therefore, by inductive hypothesis and by proposition [3| 

c b 

t <^ +fc2 w+E/w+E^o 

i=l i=l 
c 6 



where /i : {1, . . . , c} — + V. We can then find a function fc : {1, . . . , c + b} — ► V such that 

c+b 



t^^w+E^*)- 



Finally if z G T then we find w £ U such that z <™ u>. We then find x £ V such that w x and 

so z < n c+b x. a 

Proposition 5 For every n, e and for every t, u, v, T)™(t, u) < P™ (i + u, « + t>) 

Proof. We can proceed by induction on n and, again, the case n = is trivial. In the inductive 
case, as usual, we can suppose all the involved trees to be different from empty. We have 

V™ +1 (node(m, t, T), node(l, u, U)) 

l-j-e—m 

= l + e-m + max{T>% +e _ m)2 (t,u+ ^ /(*))} 

i+e — m 

= l + e-m + Vf l+e _ m)2 (t,u + /W) 

i—l 

where / and realizes the max. By induction hypothesis, 
£>™ +1 (We(m, t, T), node (I, u, U)) 

(l+k)+e-(m+k) 

< (l + k) + e-(m + k)+Vl l {l+k)+e _ {m+k))2 (t + v,u + v+ £ /(<)) 

i=l 

< T>™ +1 (node(m, t, T) + node(k, v, V), node(l, u, U) + node(k, v, V)) 

This concludes the proof. □ 
Proposition 6 V™(t,u) + Tq{u,v) < V™ +d (t,v) 

Proof. We can proceed by induction on n and, again, the case n = is trivial. In the inductive 
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usual, we can suppose all the involved trees to be different from empty. Now 
X>" +1 (We(TO, t, T), node(l, u, U)) + V™ +1 (node(l, u, U), node{k, v, V)) 

i+e— m 



= ! + e -m + max{% e _ m)2 (t,«+ Y /(«))} 
J 1=1 

k+d-l 

+k + d-l + max{V? k+d _ l)2 (u,v+ 9(i))} 
9 »=i 

l-\-e—rn 

= k+(e + d)-m + V? l+e _ m)2 (t,u + Y /(*)) 

i=l 

+©f fe+d -^(^+ E fW) 

i=l 

= fc+( e + d)-m + Pf, +e _ ro)2 (i,u + /(O) 

£+e— m k-\-d—l l-\-e— m 

+v? k+d _ l)2 (u+ y E 5«+ E /w) 

i — 1 Z— 1 Z— 1 

k-\-d—l l-\-e — m 

< k+(e + d)-m + V? l+e _ m)2+{k+d _ l)2 (t,v + J2 9(i)+ E /W) 



i=l 

l+e—m 



i=l i=l 

A function h : {1, ...,/ + e — to} — > V such that £'±i~ m /(*) <(j + e- ro )(fc+d-i) El±i~ m M*) can 
be easily defined, once we remember that node(l,u,U) < d node(k,v,V). This yields 

V™ +1 (node(m, t, T), node(l, u, Uj) + V^ +1 (node(l, u, U), node(k, v, V)) 

k+d—l l+e— m 

< k + {e + d)-m + Vl +e _ m)2+{k+d _ l)2 {t,v+ Y, 9(i)+ E /W) 

k+d—l l+e — m k+d—l l+e — m 

+^(i + e- m ) ik+ d-i)(y + E a{i)+ E E fW+ E mo) 

i — 1 i — 1 z— 1 z— 1 

k+d—l l+e — m 

< k + {e + d)-m + V n {k+(e+d) _ m)2 {t,v + Y, 9(i)+ E MO) 

l+{d+e)—m 

< k + (e + d)-m + Vf k+{e+d) _ m)2 (t,v+ Y 

i=l 

where p : {1, . . . , I + (d + e) — to} — > V, p(i) = /(«) if i < I + e — to and p(i) = g(i — (I + e — to)) 
otherwise. But, then 

V™ +1 (node(m, t, T), node(l, u, U)) + T> d +1 (node(l, u, U), node(k, v, V)) 
< V r > +d (node(m,t,T),node(k,v,V)) 

This concludes the proof. □ 

Lemma 23 For every t,u,e, ift <™ ax { de P*' l ( t )' de P*' l ( M )} u ^ then for every n > m&x{ depth (t), depth(u)} , 
t< n e u andV^(t,u) = V7™ {depth{t) < depth{u) \t,u). 

Proof. A straightforward induction on ma,x{ depth (t) , depth(u)}. □ 

The binary relation <r on |T| is defined by putting t <r u whenever depth{t) < depth(u) and 
t < de P th ^ u . V T is defined by letting V T (t,u) = V* epth(u) (t, u). 
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Lemma 24 T = +, <r 7 2?t) a resource monoid. 

Proof. (|T|,+) is certainly a commutative monoid. For every t, t <t t, as can be proved by 
induction on t: empty <g empty by definition and, moreover, t — node(m,u, 
because, by inductive hypothesis, u <depth(u) u w j 1 ^ c ] 1 yields, by lemma 051 u <devth(t) 1 ^ j n ^ e 
same way, we can prove that, for every v £ U, v <^ e P f ' l (*) 1 v _ Now, suppose t <t u and u <t v. 
This means that t <depth(u) u ^ u ^depth(v) ^ depth{t) < depth(u) and depth(u) < depth(v). We 
can then conclude that depth(t) < depth(v), that t <depth{v) u lemma |23J) and t <depth(v) v 
(by proposition |SJ) . This in turn yields t <q- v. Let us now prove compatibility: suppose t <q- u 
and let v be a tree. Then depth(t) < depth(u) and t <depth(u) ^ ^ depth(v) < depth(u), then 
depth(u + v) = depth(u) and we can proceed by getting t + v <depth(u+v) u -\- v (by proposition 0), 
which means t + v <q- u + v. If, on the other hand, depth(v) > depth(u), then we can first apply 
lemma 051 obtaining t <depth{u+v) u ^hen t + v <_depth{u+v) u ^_ v proposition UJ . By way 
of lemma 051 and propositions [S] and we get 

V T (t,u) + V T (u,v) = V depth{u) (t, u) + V* epth{v \u, v) 

= v depth(v) u) + v depth(v) ( ^ v) 

X>r(*,«) = Po epa(u) (*.«) <X>^ (u+0) (i,«) 

< V d epth(u+V) (t + v,u + v)=V T {t + v,u + v) 



This concludes the proof. □ 

A light length space is a length space on the resource monoid T = (\T\, +, <r, Given a light 
length space A — (\A\, IK4), we can define: 

• The light length space = (|^4|, IHa) where f, e Ih^ a iff u, e Ih^ a and f >t'm. 

• The light length space §^4 = (|A|, \\-§a) where t, e lh§A a iff u, e \\~a a and t >r §u. 

The following results states the existence of certain morphisms and will be useful when interpreting 
light affine logic. 

Lemma 25 (Basic Maps) Given light length spaces A,B, there are morphisms: contr :\A — > 
\A®\A, distr : $A®§B — > §(A®B) and derelict :\A — ► §A where contr(a) = (a, a) and distr(a,b) = 
(a,b) and derelict(a) = a. 

Proof. We know that {e con t r }(d) takes time at most \d\ + p, where p is a constant. Then, let 
t,u £ |T| be such that J-r{t) >P + \e CO ntr\, 3~t{u) > cp. Define t contr to be t + u+ [2]t- Clearly, 
^Titcontr) > |e C ontr|- Now, let v, d \\~ia a- This means that v >t\w where w, d \\~a el. Then: 

u+\w+\w >t \w+\w 
T T {u+hv+\iv) > T T {u) + T T {\w) + T r {\w) 

> cp + T T {\w)+T T {\w)>\{d,d)\ 

This implies u+lw+\w, \{d,d)\ \\~\a&.a (a, a). Moreover, u+\w+\w = u+hv + [l]r <r v + t contr . 
Finally, 

Time {{e contr} (d)) < \d\ + p < T r {w) + T tr ees{t) 

< T> T (u+\w+\w, Iw + t contr ) < T>r(u+\w+\w,v + t contr ) 

This proves contr to be a morphism. 

Let edistr = £id- We know that {e.id}{d) takes constant time, say at most p. Then, let 
t, u £ |T| be such that J-r{t) > p + \edistr\, Ft{u) > cp. tdistr is then defined as t + §u. Now, let 
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v, (d,c) \\-§a®§b (a,b). This implies that v > §w + §x, where w,d Ih^ a and x,c \\~b 6. This in turn 
means that w + x + u, (d, c) \\-a®b (a, b) and §(w + x + u), (d, c) \\~a®b (a, b). Moreover 

§(io + x + tt) = §«; + §x + §u < w + £ djstr 

Finally: 

Time({edistr}((d,c))) < p < Tr(t) 

< V T (0, t) + V T (§(w + x + u), v + §u) < £> r (§(iu + a; + u), v + t djatr ) 

This proves distr to be a morphism. 

Let edereUct = e^. We know that {edereiict}(<i) takes constant time, say at most p. Then, let 
tdistr G \T\ be such that Tr(tdistr) > P+ \ederiict\- Now, let v,d \\-\a a. This means that v >\w, 
where w, d \\~a a- This in turn means that §u>, d lh§^ a- Moreover 

§w <lw <lw + t dereUct . 

Finally: 

Time({e dts tr}(d)) < P< Ft (tderelict) 

< V T (0, tdereUct) + T> T (§W, !w) 

< T> T (§W,\W + tdereUct) 

This proves derelict to be a morphism. □ 

Lemma 26 for every i G \T\, there is u such that, for every v, \(v + t) <t*v + U- 

Proof. First of all we will prove the following statement by induction on t: for every t, there is 
an integer t such that for every u, u + t <™ ax f (ie P t ' l ( M )<< ie P f ' l ( t )j' u If t = empty, we can choose t to 
be just 0, since u <q u for every u. If t = node(m 1 v, V), then we put t = m + v + ^2 w€V w. Let 
u be an arbitrary tree and let us assume, without losing generality, that u — node(l,w,W). Let 
d = v + J2wev w - We S et 

I + m < I + m + (v + ^ w) — (v + w) 

wev wev 

l + t-d 



.maxf depth(v) . depth(w)} 
V + W <- v / ! f w 



d 



< 



^{de P th(v),de P th( w )} W + J2 empty 



i=l 

\/x G V.x ^depth(x) empty 

V.t G W.x <de P th( x ) x 

Using known results, we can rewrite these inequalities as follows 

l + m < l + t-d 

d 

. ^ma,x{ depth(t) ,depth(u)} — 1 . \ , 

v + w < d2 1 y w y y " w + > empty 

1=1 

VzGV.z <^{'fcp«'(t).'fcptf»(»)}-i empty 

y x g < -max{dept/s(t),dept/s(u)}-l ^ 



This yields u + * <™*«{<««).<^«} t . 
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Let us now go back to the lemma we are proving. We will now prove that for every t, any term 
U = node(t,w, U) such that depth(u) — depth (t) + 1 satisfies the thesis. Indeed, if we put d — t 
and n = depth(v + t), we get: 

1 < t-d+1 
empty <^ l 2 u 
v + t <2 v 

This, in turn implies l(v + 1) <q +1 Iv + u, which yields l(v + 1) <t^v + u. □ 
Lemma 27 (Functoriality) If f : A — B, then there are ip,9 such that f :\A — L - and 

Proof. Let £ be the tree obtained from p by lemma l2"Hl and put ip = £ + ip + [l]r- Suppose that 
t, d \\-\a a. Then t >\u, where u, d Ih^ a. Observe that there must be v, c such that v, c Ihs /(a), 
V <t u + ip and Time({e}(d)) < Tt(u + p)T>t(v, u + </?)• But then \v, c \\-\b /(a) and moreover 

\v < T \(u + <p) < T \u + £ < T t + tp 
Time({e}(dj) < V T (v, u + (p) < V T (\v, \(u + <p) + [l]r) 
< V T (\v,\u + i+[\\ T ) <V T (\ Vl t + i>) 

This means that / :\A ^IB. Now, let 9 be §<p and suppose t, d Ihg^ a. Then t > §it, where 
m, d lh^4 a. Observe that there must be v, c such that v, c \\~b /(a), v <T u + <p and Ti?7ie({e}(d)) < 
Tt(u + (p)T>r(v, u + ip). But then §u, c lh§s /(a) and, moreover 

§t> < r §(u + = §u + §<^ <r t + 6 
Time({e}(d)) < V T (v, u + tp) < V T (§v, %(u + tp)) 
< V T (§v,§u + §p))<V T (§v,t + 9) 

This means that / : §A ^ §£. □ 
Now, we can prove a polynomial bound on J 7 x(t)- 

Proposition 7 For every n G N i/iere is a polynomial p n : N — ► N smc/i f/ia£ J-q-(t) < Pd ep t/ l (t)(|t|)- 

Proof. We prove a stronger statement by induction on n: for every n £ N there is a polynomial 
g„ : N 2 — > N such that for every t,e, P" (empty ,t) < q n (\t\,e). First of all, we know that 
"D® (empty, t) — 0, so go is just the function which always returns 0. q n +i is defined from q n as 
follows: q n+1 (x,y) (x(x + y + l),(x + y) 2 ). Indeed: 

T*™ +1 (empty , empty) = e + T>™(empty, empty) 

< e + g„(0, e) < e + \empty\ 
+q n {\empty\(\empty\ + e + 1), (\empty\ + e) 2 ) 

= q n+1 (\empty\,e) 

m+e 

V™ +1 (empty ,node(m,t,T)) = m + e + max{P" m+e - )2 (empty, t + >J /(»))} 

' i=l 

< to + e + q n ((m + e + \)(\node(m, t,T)\), (m + e) 2 ) 

< | node (m, i, T)| + e 

+9 n ((|node(m, t, T)| + e + l)(|node(m, i, (|node(m, t, T)\ + e) 2 ) 

< g n+ i(|node(m,t,T)|,e) 

At this point, however, it suffices to put p n (x) = q n (x, 0). □ 

As for EALand SAL, we cannot claim (n,m) <—> p n (m) to be a polynomial. However, this is not a 
problem since we will be able to majorize binary strings by trees with bounded depth (cf.Remark|21). 
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6.1 Interpreting Light Affine Logic 

As for the ! modality, l§Ajf = §[A]f . 
Theorem 3 Light length spaces form a model of LAL. 
Binary lists can be represented in LAL as cut-free proofs with conclusion 
Listihi = Va.!(a — o a) —o\(a — o a) — o §(a —° a) 

Corollary 3 (Soundness) Let tt be an LAL proof with conclusion h {!, §} J LjsiLAL - {!j §} fc £*s£LAL 
and let f : B ^> B be the function induced by [vr]'*. Then f is computable in polynomial time. 

7 Interpreting LFPL 

In |S] one of us had introduced another language, LFPL, with the property that all definable 
functions on natural numbers are polynomial time computable. The key difference between LFPL 
and other systems is that a function defined by iteration or recursion is not marked as such 
using modalities or similar and can therefore be used as a step function of subsequent recursive 
definitions. 

In this section we will describe a resource monoid Ai for LFPL, which will provide a proof of 
polytime soundness for that system. This is essentially the same as the proof from |SJ, but more 
structured and, hopefully, easier to understand. 

The new approach also yields some new results, namely the justification of second-order quan- 
tification, a !-modality, and a new type of binary trees based on cartesian product which allows 
alternative but not simultaneous access to subtrees. 

7.1 Overview of LFPL 

LFPL is intuitionistic, affine linear logic, i.e., a linear functional language with ®, — o, +, x. Unlike 
in the original presentation we also add polymorphic quantification here. In addition, LFPL has 
basic types for inductive datatypes, for example unary and binary natural numbers, lists, and 
trees. There is one more basic type, namely 0, the resource type. 

The recursive constructors for the inductive datatypes each take an additional argument of type 
which prevents one to invoke more constructor functions than one. Dually to the constructors 
one has iteration principles which make the 0-resource available in the branches of a recursive 
definition. For example, the type T(X) of .XT-labelled binary trees has constructors leaf : T(X) 
and node : — o X — o T(X) —o T(X) — o T(X). The iteration principle allows one to define a 
function T(X) — ° A from closed terms A and 0—oX—oA—oA—oA. 

In this paper we "internalise" the assumption of closedness using a !-modality. 

Using this iteration principle one can encode recursive definitions by ML-style pattern matching 
provided recursive calls are made on structurally smaller arguments only. 

Here is a fragment of an LFPL program for "treesort" written in functional notation: the 
additional arguments of type are supplied using @. Note that the insert function takes an extra 
argument of type 0- 

let insert x t d = match t with 
Leaf -> Node (x, Leaf , Leaf )@d 
I Node(y,l,r)@d' -> 

if x<=y then Node (y, insert x 1 d,r)@d' 
else Node (y,l, insert x r d)@d' 

let extract t = match t with 
Leaf -> nil 
I Node(x,l,r)@d -> 

append (extract 1) (cons (x, extract r)@d) 
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7.2 A Resource Monoid for LFPL 



The underlying set of M. is the set of pairs (l,p) where I £ N is a natural number and p is 
a monotone polynomial in a single variable x. The addition is defined by (h,Pi) + (fa,P2) = 
(I i + h,Pi + P2), accordingly, the neutral element is = (0,0). We have a submonoid Mo = 

{{l, P )eM\l = 0}. 

To define the ordering we set (h,Pi) < {I21P2) iff h < h an d (P2 — Pi)( x ) is monotone and 
nonnegative for all x > Z 2 . For example, we have (1,42a;) < (42,. x 2 ), but (1,42a;) ^ (41, a; 2 ). The 
distance function is defined by 

l>M((h,Pi), (h,P2)) = (P2 -Pi){h) 
We can pad elements of M by adding a constant to the polynomial. The following is now obvious. 

Lemma 28 Both M and Mo are resource monoids. 

A simple inspection of the proofs in Section [3.11 shows that the realisers for all maps can be chosen 
from Mo- This is actually the case for an arbitrary submonoid of a resource monoid. We note that 
realisers of elements may nevertheless be drawn from all of M. We are thus led to the following 
definition. 

Definition 1 An LFPL-space is a length space over the resource monoid M. A morphism from 
LFPL length space A to B is a morphism between length spaces which admits a majorizer from 

Proposition 8 LFPL length spaces with their maps form a symmetric monoidal closed category. 

Definition 2 Let A be an LFPL space and n £ N. The LFPL space A n is defined by \A"\ = \A\ 
and a, e Ih^n a iff a > (2n — 1).(3 for some (3 such that [3, e Ih^ a. 

So, A n corresponds to the subset of A (g> • • • <g> A consisting of those tuples with all n components 
equal to each other. The factor 2n — 1 ("modified difference") instead of just n is needed in order 
to justify the linear time needed to compute the copying involved in the obvious morphism from 

A rn+n tQ A m ® A n . 

Let / be an index set and Aj, Bi be /-indexed families of LFPL spaces. A uniform map from 
(Ai)i to (Bi)i consists of a family of maps fi:Ai—> Bi such that there exist e, a with the property 
that a, e lh /j for all i. Recall that, in particular, the denotations of proofs with free type variables 
are uniform maps. 

Proposition 9 For each A there is a uniform (in m,n) map A m+n — » A rn (g) A n . Moreover, A 1 
is isomorphic to A. 

The LFPL-space is defined by |0| = {0} and put a, d lh if a > (1, 0). 

For each LFPL-space A we define LFPL-space I A by \\A\ = \A\ and a,t \\~\a a if there exists 
a' = (0,p) e Mo with a', t \\~a a and a > (0, (x + l)p). 

Proposition 10 There is an LFPL space and for each LFPL space A there is an LFPL space \A 
with the following properties: 

• 1^1 = ^1- 

• Iff:A-+B then f :\A -vLB. 

• \(A®B) ~\a®\b 

• The obvious functions \A ® () n — > A n ® 0™ are a uniform map. 

The last property means intuitively that with n "diamonds " we can extract n copies from an element 
of type I A and get the n "diamonds" back for later use. 
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Proof. We have (0 + l)p(0) = p(0) > \t\. Compatibility with (g) is obvious. 

For functoriality assume that <f>, e IH / where <f> = (0, q) G A4q. We claim that (0, (x+l)q), e lh / 
gwa morphism from !A to !£>. Suppose that a,t \\-\a a where a > (0, (x + l)p) and (0,f>),t Ih^ a. 
Since / is a morphism, we obtain v, (3 such that /3,v \\~b f{o) and [3 < cj)+(0,p). This implies that 
[3 S A^o as well, say, /3 = (0,r) where r < p + q. We also know that r(0) > |u by the definition 
of length spaces. Now (0, (x + l)r), v \\-\b /(&)■ On the other hand (x + l)r < (x + l)(p + q). The 
resource bounds are obvious. 

Finally, consider the required morphism \A ® 0™ — > ^4" <8 0™. Clearly, it may be realised by 
the identity; we claim that can serve as a majoriser. Indeed, a majoriser of (a, d) G |!A eg) <0™| is 
of the form (2n — 1, (a; + where (0,p) majorises a in A. Now, (2n — 1, (2n — l)p) is a majoriser 
of (a, d) in A n (g) 0". But ((x + 1) — (2n — l)p is monotone and nonnegative above In — 1. □ 

Remark We remark at this point that we obtain an alternative resource monoid Ais for SAL 
whose underlying set and ordering are as in M., but whose addition is given by addition as 
{hiPi) + = (max(Zi, l%),pi +P2)- Length spaces over A4$ with maps majorised by A4$ 

(not Ado) then also form a sound model of SAL. This points to a close relationship between LFPL 
and SAL and also shows a certain tradeoff between the two systems. The slightly more complex 
model is needed for LFPL since in LFPL the C-rule of SAL is so to say internalised in the form of 
the uniform map \A ® 0™ — * A n ® 0™. Notice that SAL's map I A — * A n cannot be uniform. This 
uniformity of LFPL allows for an internal implementation of datatypes and recursion as we now 
show. 

Definition 3 Let Ti be a family of LFPL spaces such that |Tj| = T independent of i. The LFPL 
space 3i.Ti is defined by |3i.Tj| = |T| and ct,e \\~3i.Ti t if a,e Ih^ t for some i. 

Note that if we have a uniform family of maps Tj — > U where U does not depend on i then we 
obtain a map 3i.Ti — > U (existential elimination). 

Conversely, if we have a uniform family of maps Ui — > Vfu\ then we get a uniform family of 
maps Ui — > 3j.Vj (existential introduction). We will use an informal "internal language" to denote 
uniform maps which when formalised would amount to an extension of LFPL with indexed type 
dependency in the style of Dependent ML |15) . 

7.3 Inductive Datatypes 

In order to interpret unary natural numbers, we define N — 3n.N n where 

N n = 0™ ® MA.(A -o A) n -0 A -o A 

We can internally define a successor map (8) iV n — » A^ n+ i as follows: starting from d : §,d : 0™ 
and / : \/(A —oA) n A ^> A we obtain a member of (from d and d) and we define 

/' : V(A -o A)™ +1 -o A -o A as X(u A ^ A , u ( - A ^ A ^).Xz A .u(f u z). From this, we obtain a map 
g) — > TV by existential introduction and elimination. 

Of course, we also have a constant zero J — ► A^o yielding a map I — > N by existential intro- 
duction. 

Finally, we can define an iteration map 

\(()® A-o A) -o N n ^= A^= A 

as follows: Given t :\(() ® A —o A) and (d, f ) G A^ we unpack t using Proposition ^| to yield 
f G ((0 ® A) — o A) n as well as c? G 0". Feeding these "diamonds" one by one to the components 
of t' we obtain t" G (A ^ yl) 8 ". But then / t" yields the required element of A -<> A. 
Existential elimination now yields a single map 

!(0 ig) A -0 A) -0 A^ -o A ^ A 
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Similarly, we can interpret binary X-labelled trees using a type family 

T n = O n <8> Vpf -o A -o A -o A)™ -o -o A 

and defining trees proper as 3n.T n . We get maps leaf : T and node : (g> X ® T ni ® T„ 2 — ► 
T„ 1+ „ 2+ i and an analogous iteration construct. 

Finally, and this goes beyond what was already known, we can define "lazy trees" using carte- 
sian product (also known as additive conjunction). 

First, we recall from ordinary affine linear logic that an additive conjunction can be defined as 

A x B = VC.(C -o A) <g> (C -o B) <8> C 

The first projection map A x B — > A is given internally by A(/ c ^ > ' 4 , g c ^ B , c c )./ c. Analogously, 
we have a second projection. Given maps / : C — ► A and g : C — > i? we obtain a map (/, g) : C — > 
ixB internally as Ac c .(/, <?, c). 

Now, following the pattern of the binary trees T m n above, we define another family 

T x = d ® VA(X ^(AxAj^if^A^i 

and T x = BcZ.T/. We get maps leaf : -> T X and node : ® X eg) (T dl x T da ) -► T 1+max(dlA) 
as well as an analogous iteration construct. 

We describe in detail the construction of the "node" map which is not entirely straightforward. 
First, we note that for any length spaces A, B and m, n the obvious map (0 m ®i) x (0" <8> B) — ► 
O max ( m ' n )<S>(Ax.B) is a morphism. This is because a majoriser of an element of (() m ®A) x (§ n <giB) 
must be of the form (k,p) where k > max(ra,u) in view of the existence of the projection maps. 

Now suppose we are given (internally) d : §,x : X, Ir : T d x x T d x . Using the just described 
morphism we decompose Ir into d : () max ( d i> d 2) an d \ r ' \Y dl x Wd 2 where Wi = (X —° (A x A) — o 
A) 1 —o A -o A. We have stripped off the universal quantifier. 

Now d and d together yield an element of ^!+ max ( d i^2) remains to construct a member of 
W 1+max{dltd2) . To this end, we assume u : X -o (Ax A) -o A and / : (X -° (Ax A) -o A) max ( dl ^ 2 ) 
and define the required element of 4 as « i (Zr'.l / a,lr'.2 f a). Here .1 and .2 denote the 
projections from the cartesian product. The sharing of the variables /, a, Ir' is legal in the two 
components of a cartesian pairing, but would of course not be acceptable in a ® pairing. We have 
elided the obvious coercions from (_) max ( d i, d 2) ^ (_j di . 

We remark that these cartesian trees are governed by their depth rather than their number 
of nodes. We also note that if X = I we can form the function \d® .Xt T .node d () (t, r) : -o 
T x — o T x . Iterating this map yields a function N — o T x computing full binary trees of a given 
depth. Of course, on the level of the realisers, such a tree is not laid out in full as this would require 
exponential space, but computed lazily as subtrees are being accessed. Exploring the implications 
of this for programming is left to future work. 

8 Conclusion 

We have given a unified semantic framework with which to establish soundness of various systems 
for capturing complexity classes by logic and programming. Most notably, our framework has all 
of second-order multiplicative linear logic built in, so that only the connectives and modalities 
going beyond this need to be verified explicitly. 

While resulting in a considerable simplification of previous soundness proofs, in particular 
for LFPL and LAL, our method has also lead to new results, in particular polymorphism and a 
modality for LFPL. 

The method proceeds by assiging both abstract resource bounds in the form of elements from 
a resource monoid and resource-bounded computations to proofs (respectively, programs). In this 
way, our method can be seen as a combination of traditional Klcene-style realisability (which 
only assigns computations) and polynomial and quasi interpretation known from term rewriting 
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(which only assigns resource bounds). An altogether new aspect is the introduction of more 
general notions of resource bounds than just numbers or polynomials as formalised in the concept 
of resource monoid. We thus believe that our methods can also be used to generalise polynomial 
interpretations to (linear) higher-order. 
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